Skip to content

Update indicator validation schema #39

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 12 commits into from
May 5, 2025
Merged

Update indicator validation schema #39

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
0a452b7
Create dependency management indicator
fdiblen Apr 3, 2025
baca448
adapt the dependency management to the new indicator schema
Apr 8, 2025
da20078
add source filed to the dependency management indicator
Apr 28, 2025
741b9be
Merge branch 'main' into indicator_sus_dependency
Apr 30, 2025
ad22517
Merge branch 'main' into indicator_sus_dependency
Apr 30, 2025
5394251
add the second source for dependency management indicator
Apr 30, 2025
2567821
update author field in indicator validation schema
Apr 30, 2025
2f87143
created field is not required in indicator validation schema
Apr 30, 2025
ad0bcfe
update contact field in indicator validation schema
Apr 30, 2025
17af04f
update source field in indicator validation schema
Apr 30, 2025
30bd1fd
adapt source filed of indicators/no_critical_vulnerability.json
Apr 30, 2025
2df80ff
adapt source filed of indicators/no_leaked_credential.json and remove…
Apr 30, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
34 changes: 34 additions & 0 deletions indicators/dependency_management.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
{
"@context": "https://w3id.org/everse/rsqi#",
"@id": "https://w3id.org/everse/i/indicators/dependency_management",
"@type": "SoftwareQualityIndicator",
"name": "Software has dependency management solution",
"identifier": { "@id": "https://w3id.org/everse/i/indicators/dependency_management" },
"description": "Reviews how external libraries and dependencies are managed to ensure compatibility and security.",
"status": "Active",
"keywords": [
"sustaninability", "dependencies"
],
"version": "1.0.0",
"author": {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Question. Is this correct? You are technically the author of the entry, but not the author of the indicator, right?

"@type": "Person",
"name": "Faruk Diblen"
},
"contact": {
"@type": "Person",
"name": "Faruk Diblen"
},
"source": [
{
"identifier": "https://zenodo.org/record/14852424",
"url": "https://zenodo.org/records/14852424/files/Software%20Quality%20Indicators.xlsx",
"name": "Software Quality Indicators from BioHackathon 2024 (Sheet: Sustanability, Row: Su7)"
},
{
"url": "https://fair-impact.github.io/RSMD-guidelines/8.rsmd_checklist/",
"name": "RSMD checklist"
}
],
"qualityDimension": { "@id": "https://w3id.org/everse/i/dimensions/sustaninability" },
"created": "03-04-2025"
}
16 changes: 9 additions & 7 deletions indicators/no_critical_vulnerability.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,24 +3,26 @@
"@type": "SoftwareQualityIndicator",
"name": "noCriticalVulnerability",
"description": "Checks if reported critical vulnerabilities has been fixed",
"keywords": ["security", "critical", "vulnerability"],
"identifier": { "@id": "https://w3id.org/everse/i/indicators/no_critical_vulnerability"},
"keywords": [ "security", "critical", "vulnerability" ],
"identifier": { "@id": "https://w3id.org/everse/i/indicators/no_critical_vulnerability" },
"status": "Active",
"version": "1.0.0",
"author": {
"@type": "schema:Organization",
"name": "OpenSSF",
"url": "https://openssf.org/"
},
"source": {
"@id": "https://www.bestpractices.dev/en/criteria/0#0.vulnerabilities_critical_fixed",
"name": "OpenSSF Best practice Critical Vulnerability Fixed"
},
"source": [
{
"@id": "https://www.bestpractices.dev/en/criteria/0#0.vulnerabilities_critical_fixed",
"name": "OpenSSF Best practice Critical Vulnerability Fixed"
}
],
"contact": {
"@type": "schema:Person",
"name": "Tom François",
"schema:email": "[email protected]"
},
"qualityDimension": {"@id": "https://w3id.org/everse/i/dimensions/security"},
"qualityDimension": { "@id": "https://w3id.org/everse/i/dimensions/security" },
"created": "03-04-2025"
}
17 changes: 9 additions & 8 deletions indicators/no_leaked_credential.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,24 +3,25 @@
"@type": "SoftwareQualityIndicator",
"name": "noLeakedCredentials",
"description": "Checks if hardcoded secrets like passwords, API keys, and tokens is stored in the public git repository",
"keywords": ["security", "credential", "leak", "secret", "password"],
"url": "",
"identifier": {"@id": "https://w3id.org/everse/i/indicators/no_leaked_credential"},
"keywords": [ "security", "credential", "leak", "secret", "password" ],
"identifier": { "@id": "https://w3id.org/everse/i/indicators/no_leaked_credential" },
"status": "Active",
"version": "1.0.0",
"author": {
"@type": "schema:Organization",
"name": "OpenSSF",
"url": "https://openssf.org/"
},
"source": {
"@id": "https://www.bestpractices.dev/en/criteria/0#0.no_leaked_credentials",
"name": "OpenSSF Best practice No Leaked Credentials"
},
"source": [
{
"@id": "https://www.bestpractices.dev/en/criteria/0#0.no_leaked_credentials",
"name": "OpenSSF Best practice No Leaked Credentials"
}
],
"contact": {
"@type": "schema:Person",
"name": "Tom François",
"schema:email": "[email protected]"
},
"qualityDimension": {"@id": "https://w3id.org/everse/i/dimensions/security"}
"qualityDimension": { "@id": "https://w3id.org/everse/i/dimensions/security" }
}
59 changes: 52 additions & 7 deletions tests/indicator_validation_schema.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,14 @@
},
"name": {
"type": "string"
},
"email": {
"type": "string",
"format": "email"
},
"url": {
"type": "string",
"format": "uri"
}
}
},
Expand Down Expand Up @@ -80,14 +88,52 @@
}
},
"source": {
"type": "string",
"format": "uri",
"description": "The source from which this indicator is derived."
"type": "array",
"description": "The source from which this indicator is derived.",
"items": {
"type": "object",
"properties": {
"@id": {
"type": "string",
"format": "uri"

},
"identifier": {
"type": "string",
"format": "uri"
},
"@type": {
"type": "string"
},
"url": {
"type": "string",
"format": "uri"
},
"name": {
"type": "string"
}
},
"required": [
"name"
]
}
},
"contact": {
"type": "string",
"format": "uri",
"description": "Contact point for more information."
"type": "object",
"description": "Contact point for more information.",
"properties": {
"@type": {
"type": "string",
"format": "uri"
},
"name": {
"type": "string"
},
"email": {
"type": "string",
"format": "email"
}
}
}
},
"required": [
Expand All @@ -96,7 +142,6 @@
"name",
"description",
"author",
"created",
"version",
"identifier",
"qualityDimension"
Expand Down